
Commit 8128fae

authored
Add files via upload
1 parent e38ae5a commit 8128fae


42 files changed

+3542
-2
lines changed

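--- a/Database Scripts/create-database.py
+++ b/Database Scripts/create-database.py
@@ -0,0 +1,34 @@
+#!/usr/bin/python3
+
+import sqlite3
+
+def create_connection(db_file):
+conn = None
+try:
+conn = sqlite3.connect(db_file)
+except Exception as e:
+print(e)
+return conn
+
+
+def create_db(conn):
+createHostDiscoveryTable="""CREATE TABLE IF NOT EXISTS HostDiscovery (
+id integer PRIMARY KEY,
+IP text NOT NULL,
+Status text NOT NULL,
+ICMP_Echo text NOT NULL);"""
+try:
+c = conn.cursor()
+c.execute(createHostDiscoveryTable)
+except Exception as e:
+print(e)
+
+
+def main():
+db_file = 'PythonizingNmap.db'
+conn = create_connection(db_file)
+create_db(conn)
+
+
+if __name__ == '__main__':
+main()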
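Review bot: `create_connection` prints the exception and returns `None`, and `main` passes that value straight to `create_db`, where `conn.cursor()` fails and the second broad `except Exception` only prints an AttributeError, so the script ends with exit status 0 and no table. Let the `sqlite3.Error` propagate, or stop in `main` with `if conn is None: raise SystemExit(1)`. The same `create_connection` is copied into insert-content.py and select-content.py, where the `None` reaches `conn.cursor()` with no handler at all. None of the three scripts closes the connection; `conn.close()` at the end of each `main` would cover it.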

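--- a/Database Scripts/insert-content.py
+++ b/Database Scripts/insert-content.py
@@ -0,0 +1,48 @@
+#!/usr/bin/python3
+
+import sqlite3
+import xml.etree.ElementTree as ET
+
+
+def create_connection(db_file):
+conn = None
+try:
+conn = sqlite3.connect(db_file)
+except Exception as e:
+print(e)
+return conn
+
+
+def insert_content(conn, content):
+sql = ''' INSERT INTO HostDiscovery(IP,Status,ICMP_Echo)
+VALUES(?,?,?) '''
+cur = conn.cursor()
+cur.execute(sql, content)
+return cur.lastrowid
+
+
+def main():
+# Database Connection
+db_file = 'PythonizingNmap.db'
+conn = create_connection(db_file)
+
+# Parse XML
+in_xml_echo = '/home/tristram/Scans/Stage_1/icmp_echo_host_discovery.xml'
+
+# Load ICMP Echo XML
+xml_tree_echo = ET.parse(in_xml_echo)
+xml_root_echo = xml_tree_echo.getroot()
+
+# Load ICMP Echo XML
+for host in xml_root_echo.findall('host'):
+echo_ip = host.find('address').get('addr')
+echo_state = host.find('status').get('state')
+echo_reason = host.find('status').get('reason')
+
+# Insert results into database
+insert_content(conn, (echo_ip, echo_state, echo_reason))
+conn.commit()
+
+
+if __name__ == '__main__':
+main()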
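Review bot: Running this script twice stores every host twice, because `insert_content` issues a plain `INSERT` and the `HostDiscovery` table created in create-database.py has no uniqueness constraint on `IP`; select-content.py would then print each live host more than once. Declare the column as `IP text NOT NULL UNIQUE` and write the statement here as `INSERT OR REPLACE INTO HostDiscovery(IP,Status,ICMP_Echo)`. The parameterised `VALUES(?,?,?)` form is the right way to store values read from the XML and should stay. The second `# Load ICMP Echo XML` comment sits above the loop over `host` elements; `# Read address and status from each <host> element` would describe that loop.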

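--- a/Database Scripts/select-content.py
+++ b/Database Scripts/select-content.py
@@ -0,0 +1,34 @@
+#!/usr/bin/python3
+
+import sqlite3
+
+def create_connection(db_file):
+conn = None
+try:
+conn = sqlite3.connect(db_file)
+except Exception as e:
+print(e)
+return conn
+
+
+def select_content(conn):
+sql = """SELECT IP
+FROM HostDiscovery
+WHERE Status = 'up'
+"""
+cur = conn.cursor()
+cur.execute(sql)
+rows = cur.fetchall()
+return rows
+
+
+def main():
+db_file = 'PythonizingNmap.db'
+conn = create_connection(db_file)
+live_hosts = select_content(conn)
+for host in live_hosts:
+print(f'Live: {host[0]}')
+
+
+if __name__ == '__main__':
+main()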

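--- a/Nmap Scripts/full-port-scan.py
+++ b/Nmap Scripts/full-port-scan.py
@@ -0,0 +1,62 @@
+#!/usr/bin/python3
+
+import xml.etree.ElementTree as ET
+import subprocess
+import shlex
+import os
+import sys
+
+
+def parseDiscoverXml(in_xml):
+live_hosts = []
+xml_tree = ET.parse(in_xml)
+xml_root = xml_tree.getroot()
+for host in xml_root.findall('host'):
+ip_state = host.find('status').get('state')
+if ip_state == "up":
+live_hosts.append(host.find('address').get('addr'))
+return live_hosts
+
+
+def convertToNmapTarget(hosts):
+hosts = list(dict.fromkeys(hosts))
+return " ".join(hosts)
+
+
+def tcpSynPortScan(target, out_xml,):
+out_xml = os.path.join(out_xml,'65535_portscan.xml')
+nmap_cmd = f"/usr/bin/nmap {target} -p- -n -Pn -sS -T4 --min-parallelism 100 --min-rate 128 -vv -oX {out_xml}"
+sub_args = shlex.split(nmap_cmd)
+subprocess.Popen(sub_args, stdout=subprocess.PIPE, stderr=subprocess.PIPE).communicate()
+makeInvokerOwner(out_xml)
+
+
+def makeInvokerOwner(path):
+uid = os.environ.get('SUDO_UID')
+gid = os.environ.get('SUDO_GID')
+if uid is not None:
+os.chown(path, int(uid), int(gid))
+
+
+def is_root():
+if os.geteuid() == 0:
+return True
+else:
+return False
+
+
+def main():
+if not is_root():
+print('[!] TCP/SYN scans requires root privileges')
+sys.exit(1)
+
+hosts = parseDiscoverXml('/home/tristram/Scans/Stage_1/icmp_echo_host_discovery.xml')
+hosts += parseDiscoverXml('/home/tristram/Scans/Stage_1/icmp_netmask_host_discovery.xml')
+hosts += parseDiscoverXml('/home/tristram/Scans/Stage_1/icmp_timestamp_host_discovery.xml')
+hosts += parseDiscoverXml('/home/tristram/Scans/Stage_1/port_host_discovery.xml')
+
+target = convertToNmapTarget(hosts)
+tcpSynPortScan(target, os.getcwd())
+
+if __name__ == '__main__':
+main()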
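Review bot: `tcpSynPortScan` interpolates `target` and `out_xml` into one string and re-tokenises it with `shlex.split`, so whitespace or a leading `-` in either value turns into extra nmap arguments in a process that `main` insists runs as root. `target` is assembled from `addr` attributes read out of XML files on disk, and `out_xml` comes from `os.getcwd()`, so a working directory with a space in its name already breaks the `-oX` path. Build the argument list directly and pass each address through `ipaddress.ip_address()` (this needs `import ipaddress`) so anything that is not a literal address raises ValueError before nmap starts. The same f-string plus `shlex.split` construction is used in host-discovery.py, os-detection.py and service-scan.py.

```python
def tcpSynPortScan(target, out_xml,):
    out_xml = os.path.join(out_xml,'65535_portscan.xml')
    # Accept only literal IP addresses; ValueError stops the run otherwise.
    hosts = [str(ipaddress.ip_address(h)) for h in target.split()]
    # Hand nmap an argument vector so no value is split or re-parsed.
    sub_args = ["/usr/bin/nmap", *hosts, "-p-", "-n", "-Pn", "-sS", "-T4",
                "--min-parallelism", "100", "--min-rate", "128",
                "-vv", "-oX", out_xml]
    # … unchanged: Popen(...).communicate() and makeInvokerOwner(out_xml) …
```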

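--- a/Nmap Scripts/host-discovery.py
+++ b/Nmap Scripts/host-discovery.py
@@ -0,0 +1,68 @@
+#!/usr/bin/python3
+
+import shlex
+import subprocess
+import os
+import sys
+
+
+def sendIcmpEcho(target, out_xml):
+out_xml = os.path.join(out_xml,'icmp_echo_host_discovery.xml')
+nmap_cmd = f"/usr/bin/nmap {target} -n -sn -PE -vv -oX {out_xml}"
+sub_args = shlex.split(nmap_cmd)
+subprocess.Popen(sub_args, stdout=subprocess.PIPE, stderr=subprocess.PIPE).communicate()
+makeInvokerOwner(out_xml)
+
+
+def sendIcmpNetmask(target, out_xml):
+out_xml = os.path.join(out_xml,'icmp_netmask_host_discovery.xml')
+nmap_cmd = f"/usr/bin/nmap {target} -n -sn -PM -vv -oX {out_xml}"
+sub_args = shlex.split(nmap_cmd)
+subprocess.Popen(sub_args, stdout=subprocess.PIPE, stderr=subprocess.PIPE).communicate()
+makeInvokerOwner(out_xml)
+
+
+def sendIcmpTimestamp(target, out_xml):
+out_xml = os.path.join(out_xml,'icmp_timestamp_host_discovery.xml')
+nmap_cmd = f"/usr/bin/nmap {target} -n -sn -PP -vv -oX {out_xml}"
+sub_args = shlex.split(nmap_cmd)
+subprocess.Popen(sub_args, stdout=subprocess.PIPE, stderr=subprocess.PIPE).communicate()
+makeInvokerOwner(out_xml)
+
+
+def sendTcpSyn(target, out_xml):
+out_xml = os.path.join(out_xml,'tcp_syn_host_discovery.xml')
+nmap_cmd = f"/usr/bin/nmap {target} -PS21,22,23,25,80,113,443 -PA80,113,443 -n -sn -T4 -vv -oX {out_xml}"
+sub_args = shlex.split(nmap_cmd)
+subprocess.Popen(sub_args, stdout=subprocess.PIPE, stderr=subprocess.PIPE).communicate()
+makeInvokerOwner(out_xml)
+
+
+def makeInvokerOwner(path):
+uid = os.environ.get('SUDO_UID')
+gid = os.environ.get('SUDO_GID')
+if uid is not None:
+os.chown(path, int(uid), int(gid))
+
+
+def is_root():
+if os.geteuid() == 0:
+return True
+else:
+return False
+
+
+def main():
+if not is_root():
+print('[!] The discovery probes in this script requires root privileges')
+sys.exit(1)
+
+target = '127.0.0.1'
+
+sendIcmpEcho(target, os.getcwd())
+sendIcmpNetmask(target, os.getcwd())
+sendIcmpTimestamp(target, os.getcwd())
+sendTcpSyn(target, os.getcwd())
+
+if __name__ == '__main__':
+main()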
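Review bot: `sendTcpSyn` writes `tcp_syn_host_discovery.xml`, but full-port-scan.py and os-detection.py in this commit read `port_host_discovery.xml`, so their fourth `parseDiscoverXml` call would raise FileNotFoundError unless a file not shown on this page produces that name. The four probes also write into `os.getcwd()` while the consumers read fixed paths under `/home/tristram/Scans/Stage_1/`, so the stages only line up when the script is started from that directory. Define the output directory and the four file names once, for example as module-level constants in a shared module, and use them on both sides. The four `send*` functions differ only in the probe flags and the file name and could be one function taking those two values.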

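--- a/Nmap Scripts/os-detection.py
+++ b/Nmap Scripts/os-detection.py
@@ -0,0 +1,64 @@
+#!/usr/bin/python3
+
+import xml.etree.ElementTree as ET
+import subprocess
+import shlex
+import os
+import sys
+
+
+def parseDiscoverXml(in_xml):
+live_hosts = []
+xml_tree = ET.parse(in_xml)
+xml_root = xml_tree.getroot()
+for host in xml_root.findall('host'):
+ip_state = host.find('status').get('state')
+if ip_state == "up":
+live_hosts.append(host.find('address').get('addr'))
+return live_hosts
+
+
+def convertToNmapTarget(hosts):
+hosts = list(dict.fromkeys(hosts))
+return " ".join(hosts)
+
+
+def osScan(targets, out_xml):
+out_xml = os.path.join(out_xml,f'osdetection.xml')
+nmap_cmd = f"/usr/bin/nmap {targets} -n -Pn -O -T4 --min-parallelism 100 --min-rate 64 -vv -oX {out_xml}"
+sub_args = shlex.split(nmap_cmd)
+subprocess.Popen(sub_args, stdout=subprocess.PIPE, stderr=subprocess.PIPE).communicate()
+makeInvokerOwner(out_xml)
+
+
+def makeInvokerOwner(path):
+uid = os.environ.get('SUDO_UID')
+gid = os.environ.get('SUDO_GID')
+if uid is not None:
+os.chown(path, int(uid), int(gid))
+
+
+def is_root():
+if os.geteuid() == 0:
+return True
+else:
+return False
+
+
+def main():
+if not is_root():
+print('[!] TCP/IP fingerprinting (for OS scan) requires root privileges.')
+sys.exit(1)
+
+hosts = parseDiscoverXml('/home/tristram/Scans/Stage_1/icmp_echo_host_discovery.xml')
+hosts += parseDiscoverXml('/home/tristram/Scans/Stage_1/icmp_netmask_host_discovery.xml')
+hosts += parseDiscoverXml('/home/tristram/Scans/Stage_1/icmp_timestamp_host_discovery.xml')
+hosts += parseDiscoverXml('/home/tristram/Scans/Stage_1/port_host_discovery.xml')
+
+target = convertToNmapTarget(hosts)
+
+osScan(target, os.getcwd())
+
+
+if __name__ == '__main__':
+main()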
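Review bot: `osScan` throws away nmap's exit status and captured stderr and then calls `makeInvokerOwner(out_xml)` regardless, so when nmap fails before writing the file `os.chown` raises FileNotFoundError and the actual error message is lost. Check the result first, with `proc = subprocess.run(sub_args, capture_output=True, text=True)` followed by `if proc.returncode != 0: sys.exit(proc.stderr)`. `makeInvokerOwner` tests only `SUDO_UID`, so `int(gid)` raises TypeError when `SUDO_GID` is unset; the guard should be `if uid is not None and gid is not None:`. The same two problems are in the copies of this code in full-port-scan.py and host-discovery.py.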

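--- a/Nmap Scripts/service-scan.py
+++ b/Nmap Scripts/service-scan.py
@@ -0,0 +1,47 @@
+#!/usr/bin/python3
+
+import xml.etree.ElementTree as ET
+import subprocess
+import shlex
+import os
+
+
+def parseDiscoverPorts(in_xml):
+results = []
+port_list = ''
+xml_tree = ET.parse(in_xml)
+xml_root = xml_tree.getroot()
+for host in xml_root.findall('host'):
+ip = host.find('address').get('addr')
+ports = host.findall('ports')[0].findall('port')
+for port in ports:
+state = port.find('state').get('state')
+if state == 'open':
+port_list += port.get('portid') + ','
+port_list = port_list.rstrip(',')
+if port_list:
+results.append(f"{ip} {port_list}")
+port_list = ''
+return results
+
+
+def serviceScan(target_ip, target_ports, out_xml):
+out_xml = os.path.join(out_xml,f'{target_ip}_services.xml')
+nmap_cmd = f"/usr/bin/nmap {target_ip} -p {target_ports} -n -Pn -sV --version-intensity 6 --script banner -T4 -vv -oX {out_xml}"
+sub_args = shlex.split(nmap_cmd)
+subprocess.Popen(sub_args, stdout=subprocess.PIPE, stderr=subprocess.PIPE).communicate()
+
+
+def main():
+in_xml = '/home/tristram/Scans/Stage_2/top_1000_portscan.xml'
+targets = parseDiscoverPorts(in_xml)
+for target in targets:
+element = target.split()
+target_ip = element[0]
+target_ports = element[1]
+print(f'Scanning: {target_ip} against ports {target_ports}')
+serviceScan(target_ip, target_ports, os.getcwd())
+
+
+if __name__ == '__main__':
+main()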
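Review bot: `serviceScan` uses `target_ip`, an `addr` attribute read from the scan XML, as a file-name component in `os.path.join(out_xml,f'{target_ip}_services.xml')` without checking it, so a value containing a path separator would put the report outside `out_xml`. Normalise it first with `target_ip = str(ipaddress.ip_address(target_ip))` (this needs `import ipaddress`) and skip the host when that raises ValueError. Separately, `host.findall('ports')[0]` in `parseDiscoverPorts` raises IndexError for a `<host>` element that has no `<ports>` child; `host.find('ports')` followed by a None check avoids that. Returning `(ip, port_list)` tuples from `parseDiscoverPorts` would also remove the join-then-`split()` round trip in `main`.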
